December 2024

Europe’s largest local authority settles on ERP budget 5x original estimate

Europe’s largest local authority settles on ERP budget 5x original estimate 2024-12-06 at 13:16 By Lindsay Clark Schools taken out of scope, but £108M plan still dwarfs initial £20M Europe’s largest local authority has settled on a £108 million ($137 million) bill for its disastrous replacement of SAP with Oracle until 2026, five times the […]

React to this headline:

Loading spinner

Europe’s largest local authority settles on ERP budget 5x original estimate Read More »

How to choose secure, verifiable technologies?

How to choose secure, verifiable technologies? 2024-12-06 at 12:16 By Zeljka Zorz The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has published a guidance document titled Choosing Secure and Verifiable Technologies, compiled to assist organizations in making informed decisions when procuring software (proprietary or open source), hardware (e.g., IoT devices), and cloud services

React to this headline:

Loading spinner

How to choose secure, verifiable technologies? Read More »

Veteran Microsoft engineer shares some enterprise support tips

Veteran Microsoft engineer shares some enterprise support tips 2024-12-06 at 11:37 By Richard Speed How to tell a customer they’re an idiot without telling them they’re an idiot Microsoft veteran Raymond Chen revealed another product support trick from within the corridors of Microsoft. This time, it’s not about blowing on connectors but about avoiding casting

React to this headline:

Loading spinner

Veteran Microsoft engineer shares some enterprise support tips Read More »

Russian Hacktivists Increasingly Tamper with Energy and Water System Controls

Russian Hacktivists Increasingly Tamper with Energy and Water System Controls 2024-12-06 at 11:16 By Cyble Overview  Two Russian hacktivist groups are increasingly targeting critical infrastructure in the U.S. and elsewhere, and their attacks go well beyond the DDoS attacks and website defacements that hacktivist groups typically engage in.  The groups – the People’s Cyber Army

React to this headline:

Loading spinner

Russian Hacktivists Increasingly Tamper with Energy and Water System Controls Read More »

More_eggs MaaS Expands Operations with RevC2 Backdoor and Venom Loader

More_eggs MaaS Expands Operations with RevC2 Backdoor and Venom Loader 2024-12-06 at 10:47 By The threat actors behind the More_eggs malware have been linked to two new malware families, indicating an expansion of its malware-as-a-service (MaaS) operation. This includes a novel information-stealing backdoor called RevC2 and a loader codenamed Venom Loader, both of which are

React to this headline:

Loading spinner

More_eggs MaaS Expands Operations with RevC2 Backdoor and Venom Loader Read More »

NASA finds Orion heatshield cracks won’t cook Artemis II crew

NASA finds Orion heatshield cracks won’t cook Artemis II crew 2024-12-06 at 10:31 By Laura Dobberstein Lunar flights therefore set for seven-month delay and change re-entry approach, but redesign not needed NASA’s investigation into damage found on the heatshield of the Artemis Mission’s Orion module two years ago has concluded that the technique used to

React to this headline:

Loading spinner

NASA finds Orion heatshield cracks won’t cook Artemis II crew Read More »

UNC2465 Resurfaces with Smoked Ham Backdoor in New Cyber Threat

UNC2465 Resurfaces with Smoked Ham Backdoor in New Cyber Threat 2024-12-06 at 09:56 View original post at Safety Detectives A new cyber threat linked to the well-known UNC2465 group has security experts sounding the alarm. UNC2465, previously associated with the infamous Darkside ransomware group, is deploying a sophisticated Windows backdoor dubbed “Smoked Ham.” Despite law

React to this headline:

Loading spinner

UNC2465 Resurfaces with Smoked Ham Backdoor in New Cyber Threat Read More »

Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware

Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware 2024-12-06 at 09:49 By The threat actor known as Gamaredon has been observed leveraging Cloudflare Tunnels as a tactic to conceal its staging infrastructure hosting a malware called GammaDrop. The activity is part of an ongoing spear-phishing campaign targeting Ukrainian entities since at least early

React to this headline:

Loading spinner

Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware Read More »

CISA Updates Known Exploited Vulnerabilities Catalog, Adding 3 Critical Flaws

CISA Updates Known Exploited Vulnerabilities Catalog, Adding 3 Critical Flaws 2024-12-06 at 09:18 By Cyble Overview  The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities (KEV) Catalog, adding three critical flaws that are currently being actively exploited. These vulnerabilities impact a range of products, from industrial control systems (ICS) to

React to this headline:

Loading spinner

CISA Updates Known Exploited Vulnerabilities Catalog, Adding 3 Critical Flaws Read More »

PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files

PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files 2024-12-06 at 08:04 By Jessica Lyons Still unpatched 100+ days later, watchTowr says A zero-day arbitrary file read vulnerability in Mitel MiCollab can be chained with a now-patched critical bug in the same platform to give attackers access to sensitive files on vulnerable

React to this headline:

Loading spinner

PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files Read More »

December 2024 Patch Tuesday forecast: The secure future initiative impact

December 2024 Patch Tuesday forecast: The secure future initiative impact 2024-12-06 at 08:04 By Help Net Security It seems like 2024 just started, but the final Patch Tuesday of the year is almost here! In retrospect, it has been a busy year with continued Windows 11 releases, the new Server 2025 release, and all the

React to this headline:

Loading spinner

December 2024 Patch Tuesday forecast: The secure future initiative impact Read More »

Teenagers leading new wave of cybercrime

Teenagers leading new wave of cybercrime 2024-12-06 at 07:42 By Help Net Security Global data breaches show no signs of slowing down as this year has already exceeded 2023 in the number of data breaches and consumers impacted, according to Experian. Younger cybercriminals on the rise Today, the world of cyber hacking is not confined

React to this headline:

Loading spinner

Teenagers leading new wave of cybercrime Read More »

Building a robust security posture with limited resources

Building a robust security posture with limited resources 2024-12-06 at 07:03 By Mirko Zorz In this Help Net Security interview, Gareth Lindahl-Wise, CISO at Ontinue, discusses how business leaders can align innovation with cybersecurity, tackle the risks posed by legacy systems, and build defenses for startups. Lindahl-Wise also highlights collaboration and strategic planning as essential

React to this headline:

Loading spinner

Building a robust security posture with limited resources Read More »

Phishing attacks rose by more than 600% in the buildup to Black Friday

Phishing attacks rose by more than 600% in the buildup to Black Friday 2024-12-06 at 07:02 By In the week leading up to Black Friday and Cyber Monday, there was a 692% increase in phishing attacks.  This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Phishing attacks rose by more than 600% in the buildup to Black Friday Read More »

GenAI makes phishing attacks more believable and cost-effective

GenAI makes phishing attacks more believable and cost-effective 2024-12-06 at 06:39 By Help Net Security GenAI is a powerful tool that can be used by security teams to protect organizations, however, it can also be used by malicious actors, making phishing-related attacks a growing and concerning threat vector, according to Ivanti. Ivanti’s research revealed that

React to this headline:

Loading spinner

GenAI makes phishing attacks more believable and cost-effective Read More »

New infosec products of the week: December 6, 2024

New infosec products of the week: December 6, 2024 2024-12-06 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Datadog, Fortinet, Radiant Logic, Sweet Security, Tenable, and Veza. FortiAppSec Cloud simplifies web application security management With FortiAppSec Cloud, customers have deep visibility and

React to this headline:

Loading spinner

New infosec products of the week: December 6, 2024 Read More »

Huawei handed 2,596,148,429,267,413, 814,265,248,164,610,048 IPv6 addresses

Huawei handed 2,596,148,429,267,413, 814,265,248,164,610,048 IPv6 addresses 2024-12-06 at 04:54 By Simon Sharwood That’s 2.56 decillion of them, destined for use in CDNs and the cloud – and APNIC needed 83 decillion more to handle the request Huawei has been allocated 2.56 decillion IPv6 addresses by regional internet registry the Asia Pacific Network Information Center (APNIC).

React to this headline:

Loading spinner

Huawei handed 2,596,148,429,267,413, 814,265,248,164,610,048 IPv6 addresses Read More »

Trump names David Sacks as White House AI and cryptocurrency czar

Trump names David Sacks as White House AI and cryptocurrency czar 2024-12-06 at 04:20 By Fox News President-elect Trump named former PayPal Chief Operating Officer David Sacks to be his White House artificial intelligence (AI) and cryptocurrency czar. This article is an excerpt from Latest Technology News and Product Reviews | New York Post View

React to this headline:

Loading spinner

Trump names David Sacks as White House AI and cryptocurrency czar Read More »

Microsoft: Another Chinese cyberspy crew targeting US critical orgs ‘as of yesterday’

Microsoft: Another Chinese cyberspy crew targeting US critical orgs ‘as of yesterday’ 2024-12-06 at 03:19 By Jessica Lyons Redmond threat intel maven talks explains this persistent pain to The Reg A Chinese government-linked group that Microsoft tracks as Storm-0227 yesterday started targeting critical infrastructures organisations and US government agencies, according to Redmond’s threat intel team.…

React to this headline:

Loading spinner

Microsoft: Another Chinese cyberspy crew targeting US critical orgs ‘as of yesterday’ Read More »

Scroll to Top